Vulnerabilities > Intel

DATE CVE VULNERABILITY TITLE RISK
2017-09-05 CVE-2017-5698 Unspecified vulnerability in Intel products
Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to firmware version 11.6.x.1xxx which is vulnerable to CVE-2017-5689 and can be performed by a local user with administrative privileges.
local
low complexity
intel
4.4
2017-08-29 CVE-2017-12865 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted response query string passed to the "name" variable.
network
low complexity
intel debian CWE-119
critical
9.8
2017-08-09 CVE-2015-2291 Improper Input Validation vulnerability in Intel products
(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics driver for Windows allows local users to cause a denial of service or possibly execute arbitrary code with kernel privileges via a crafted (a) 0x80862013, (b) 0x8086200B, (c) 0x8086200F, or (d) 0x80862007 IOCTL call.
local
low complexity
intel CWE-20
7.8
2017-08-09 CVE-2017-5695 Improper Input Validation vulnerability in Intel products
Data corruption vulnerability in firmware in Intel Solid-State Drive Consumer, Professional, Embedded, Data Center affected firmware versions LSBG200, LSF031C, LSF036C, LBF010C, LSBG100, LSF031C, LSF036C, LBF010C, LSF031P, LSF036P, LBF010P, LSF031P, LSF036P, LBF010P, LSMG200, LSF031E, LSF036E, LSMG100, LSF031E, LSF036E, LSDG200, LSF031D, LSF036D allows local users to cause a denial of service via unspecified vectors.
low complexity
intel CWE-20
4.6
2017-08-09 CVE-2017-5694 Unspecified vulnerability in Intel SSD PRO 6000P Firmware Psf104P/Psf109P
Data corruption vulnerability in firmware in Intel Solid-State Drive Professional PSF104P, PSF109P allows local users to cause a denial of service via unspecified vectors.
low complexity
intel
4.6
2017-07-26 CVE-2017-5691 Unspecified vulnerability in Intel products
Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via incorrect early system state.
network
low complexity
intel
critical
9.0
2017-06-14 CVE-2017-5697 Improper Restriction of Rendered UI Layers or Frames vulnerability in Intel Active Management Technology Firmware
Insufficient clickjacking protection in the Web User Interface of Intel AMT firmware versions before 9.1.40.1000, 9.5.60.1952, 10.0.50.1004, 11.0.0.1205, and 11.6.25.1129 potentially allowing a remote attacker to hijack users web clicks via attacker's crafted web page.
network
low complexity
intel CWE-1021
6.5
2017-05-31 CVE-2017-5688 Unspecified vulnerability in Intel Solid State Drive Toolbox 3.4.3
There is an escalation of privilege vulnerability in the Intel Solid State Drive Toolbox versions before 3.4.5 which allow a local administrative attacker to load and execute arbitrary code.
local
low complexity
intel
6.7
2017-05-02 CVE-2017-5689 Unspecified vulnerability in Intel Active Management Technology Firmware
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM).
network
low complexity
intel
critical
9.8
2017-04-04 CVE-2017-5683 Unspecified vulnerability in Intel Hardware Accelerated Execution Manager 6.0.4
Privilege escalation in IntelHAXM.sys driver in the Intel Hardware Accelerated Execution Manager before version 6.0.6 allows a local user to gain system level access.
local
low complexity
intel
7.8